package com.zhx.basis;

import com.alibaba.fastjson.JSONObject;
import org.apache.commons.codec.digest.DigestUtils;
import java.util.Base64;

public class Main {
    public static String sign_key="wszhxo";
    public static void main(String[] args) {
        System.out.println(1);
        JSONObject header=new JSONObject ();//头部
        header.put("alg","HS256");
        JSONObject payLoad=new JSONObject ();//负载数据
        payLoad.put("name","zhx");
        payLoad.put("phone","123456");
        String sign= DigestUtils.md5Hex(payLoad.toString()+sign_key);//签名
        String jwt=Base64.getEncoder().encodeToString(header.toString().getBytes())+"."+
                Base64.getEncoder().encodeToString(payLoad.toString().getBytes())+"."+
                sign;
        System.out.println(jwt);//得到jwt
        //模拟篡改签名
        jwt+="2";
        //解密
        String[] split = jwt.split("\\.");
        String payload1 = new String(Base64.getDecoder().decode(split[1].getBytes()));//解码payload
        System.out.println(payload1);//获得解码后的数据
        //判断签名是否被修改
        boolean b =DigestUtils.md5Hex(payLoad.toString()+sign_key).equals(split[2]);
        System.out.println(b);
    }
}
